Currently, the client is perfectly capable of managing HTTPS connection, however certificate verification is system-dependent.
On linux, everything works fine, openSSL check the OS certificate database, and has access to registered CA/Root to verify certs.
On windows, openSSL cannot do it directly, and you have the following error message :
"Peer certificate cannot be authenticated with given CA certificates"
To solve this, there is two solutions :
Use Schannels, which is Microsoft re-implementation of openSSL. It's a drop in (curl can compile fine with it). Problem : it's not open source
Open windows cert store, and load them into openSSL cert store (see https://stackoverflow.com/questions/9507184/can-openssl-on-windows-use-the-system-certificate-store for an example code)
On Mac OS, I'm not entirely sure, it seems like the steam client (& the app store, not sure about official one) cannot do it, but with a different error message : "Problem with the SSL CA cert (path? access right?)". To solve this, you need to use Secure transport (Apple re-implementation of openSSL), which is also a drop-in that curl can use, and it's open source.
I think the best fix is do nothing on linux (it works fine atm), add windows-specific code to load windows cert store into openSSL cert store, and add some documentation about mac OS & howto use secure transport for curl.